Saturday, January 11, 2014

ForSec News SuperPost

I’m really embarrassed I let this collection of ForSec posts grow this large. There really aren’t any good excuses.

Honestly.

If it were any other weekend, I might take the time to break them down into a series of smaller posts, but the weather is super-nice after our recent Gulf-Coast hard-freeze and I really want to get outside and play for a bit.

So either set aside a lot of time before you get started, get a nice beverage handy, or just bookmark the monster that it is and come back when the weather outside is frightful.

Revealing Program Compatibility Assistant HKCU AppCompatFlags Registry Keys - Journey Into Incident Response blog - This post was particularly timely as we are moving our enterprise platform for desktop users (finally) away from Windows XP and over to Windows 7. As such, we are now having to run many legacy applications under “Compatibility Mode” settings. As more Windows users move away from XP, I suspect these keys will become more important for incident responders.

It has been forever since I last built my WinFE. I’m hoping to update it by walking through a fresh build in the next month or so. Brett Shavers’ blog site is rich with great tips and tools and documentation that make rolling your own (stock or custom) WinFE package a piece of cake.

More ForSec LiveCD News

Back when I started blogging a lifetime ago, there were really just less than a single handful of useful forensic-focused LiveCD builds available. Most have disappeared but luckily a wealth of others have sprung up to take their place. It’s all I can do to stay on top of all the updates and releases of my favorites.

Hackage & Pwnage (and other almost depressing news of late for consumers and from the thin front line)

Like just about every American, we woke up to very bad news around Christmastime with the announcement that Target had been seriously breached. The post-mortem work appears to be silently continuing but the news has been saturated with corporate data and account breaches lately. We are still waiting for our replacement cards to come in. What a drag, but a small price to pay. It seems like things are getting worse, but what is discouraging is that these are probably the only ones mainstream media is focusing on and people are paying attention to. These smaller breaches occur daily at businesses large and small. My only hope is that not only will excellent forensic analysis lead to applicable lessons learned to improve things (if actually deployed) but that the public will understand the sharper and narrower razor’s edge we seem to be walking down with our personal data and the dependency of data security. Of course this whole “NSA” backdrop is another fine mess but I’ll leave that for another day.

It’s not only a great way to stay personally informed about any security breaches but it’s a good way to show non-technical family and friends this really does impact them. Family and friends may shake their heads at the news stories, but when you have them type one of their email addresses into here and it (unfortunately) shows up…it becomes much more personal.
